Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/681de169-d8d1-40da-9051-1bb122bbdbaa.roa
File: 681de169-d8d1-40da-9051-1bb122bbdbaa.roa (raw, json)
Hash identifier: 0PS7bYP4PtjtEsSyGn77TCGXWg5wgr07t31twh+KwZY=
Subject key identifier: DB:0B:D0:51:C7:07:70:78:01:68:CA:D2:83:3A:10:E3:01:50:BD:31
Certificate issuer: /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial: 723D600F6807A71DCD8776B7780F4277D05B07FC
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/681de169-d8d1-40da-9051-1bb122bbdbaa.roa
Signing time: Fri 27 Dec 2024 00:00:00 +0000
ROA not before: Fri 27 Dec 2024 00:00:00 +0000
ROA not after: Fri 31 Jan 2025 23:59:59 +0000
asID: 8987
IP address blocks: 32.160.0.0/14 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
72:3d:60:0f:68:07:a7:1d:cd:87:76:b7:78:0f:42:77:d0:5b:07:fc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Validity
Not Before: Dec 27 00:00:00 2024 GMT
Not After : Jan 31 23:59:59 2025 GMT
Subject: serialNumber=38f9311df12fa26e2f612ee4536ed21729ee6b2d6fc60c7205eb5ae8991cb111, CN=b25c970f-d813-445c-bfe2-62668518c87e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:ad:14:b7:42:88:a0:ec:dd:6b:28:27:74:ac:
0e:8f:29:91:ea:04:b6:77:86:98:c4:78:33:87:c3:
c2:92:2c:18:7d:ac:3a:ac:e2:77:6e:38:4c:8a:40:
86:28:82:42:36:70:bf:b0:2a:99:d3:de:e0:b5:cd:
bb:89:a3:a7:5f:4a:4d:e2:43:33:41:3f:72:51:f2:
85:72:fd:d4:8b:be:64:e3:c6:d9:4a:5d:95:98:e3:
2c:cd:1c:ac:6d:9e:fa:2f:93:0a:da:75:af:18:9a:
b0:b2:63:07:d1:a5:51:79:51:06:04:18:eb:39:a5:
20:e3:ff:43:e6:c6:d5:b7:ca:12:fb:d6:a7:8a:4a:
4d:06:21:85:76:ae:9c:ed:2f:85:75:a9:52:33:5f:
22:ba:d1:f1:e3:9a:9c:f9:df:0a:79:b5:6a:dd:e1:
8a:15:94:cd:47:e2:cf:80:25:07:69:04:00:bd:c0:
1c:b5:7b:8e:60:72:26:e4:e7:59:48:e2:26:f2:45:
97:89:83:ac:fa:25:17:99:6e:7f:b5:28:8e:c2:c0:
8a:71:f1:84:38:c6:8a:4c:ce:a5:d7:75:a2:d7:83:
e2:10:17:08:0d:17:a6:fa:24:cd:7e:a1:ed:42:ab:
57:95:ee:81:61:35:59:37:7a:8d:90:bf:a6:9c:fe:
7c:e1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DB:0B:D0:51:C7:07:70:78:01:68:CA:D2:83:3A:10:E3:01:50:BD:31
X509v3 Authority Key Identifier:
keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/681de169-d8d1-40da-9051-1bb122bbdbaa.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
32.160.0.0/14
Signature Algorithm: sha256WithRSAEncryption
b0:fc:59:9a:70:ee:ea:d7:37:d1:c8:cb:e5:74:24:34:dd:34:
39:95:19:96:6c:30:b2:63:cd:d3:7b:5c:6a:0b:c7:be:7a:55:
4f:73:86:51:26:7e:f2:3c:70:db:15:c7:bb:4a:67:ef:41:3c:
d4:8d:db:f2:d8:84:2d:33:92:37:3f:01:d5:5b:fc:5a:f6:a1:
9d:ef:b2:70:55:cc:41:2a:7b:48:dd:b3:32:19:26:b1:06:b8:
32:ba:db:29:5d:d0:fe:db:78:96:fd:01:92:f6:b0:fa:17:36:
43:a0:58:ff:da:10:dd:07:c4:29:04:53:27:ac:9d:03:84:df:
ba:58:f5:3a:29:61:83:a0:18:db:f6:f1:b6:16:03:de:6f:d8:
5f:ad:25:8a:68:fe:1a:d7:cb:99:94:6d:49:34:a4:a5:eb:ef:
47:0d:cb:04:c6:54:5b:fa:39:45:b7:c1:bf:09:31:c1:2d:89:
41:3b:58:7e:10:e2:b3:60:67:37:35:04:3f:2b:c6:f2:da:49:
f5:04:77:1b:3d:cc:0d:88:5a:89:3d:f9:0c:28:3d:5e:f2:e8:
ad:d8:78:58:5a:cc:49:7a:94:5b:89:68:3d:28:9c:7d:11:ac:
a7:65:d8:1d:55:12:f2:b2:76:fd:30:66:22:75:05:75:b1:a8:
86:a2:c1:e4
-----BEGIN CERTIFICATE-----
MIIF9zCCBN+gAwIBAgIUcj1gD2gHpx3Nh3a3eA9Cd9BbB/wwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjQxMjI3MDAwMDAwWhcNMjUwMTMxMjM1OTU5
WjB6MUkwRwYDVQQFE0AzOGY5MzExZGYxMmZhMjZlMmY2MTJlZTQ1MzZlZDIxNzI5
ZWU2YjJkNmZjNjBjNzIwNWViNWFlODk5MWNiMTExMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCvrRS3Qoig7N1rKCd0rA6PKZHqBLZ3hpjEeDOHw8KSLBh9
rDqs4nduOEyKQIYogkI2cL+wKpnT3uC1zbuJo6dfSk3iQzNBP3JR8oVy/dSLvmTj
xtlKXZWY4yzNHKxtnvovkwrada8YmrCyYwfRpVF5UQYEGOs5pSDj/0PmxtW3yhL7
1qeKSk0GIYV2rpztL4V1qVIzXyK60fHjmpz53wp5tWrd4YoVlM1H4s+AJQdpBAC9
wBy1e45gcibk51lI4ibyRZeJg6z6JReZbn+1KI7CwIpx8YQ4xopMzqXXdaLXg+IQ
FwgNF6b6JM1+oe1Cq1eV7oFhNVk3eo2Qv6ac/nzhAgMBAAGjggKwMIICrDAdBgNV
HQ4EFgQU2wvQUccHcHgBaMrSgzoQ4wFQvTEwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzY4MWRlMTY5LWQ4ZDEtNDBkYS05MDUxLTFiYjEyMmJiZGJhYS5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgAB
MAUDAwIgoDANBgkqhkiG9w0BAQsFAAOCAQEAsPxZmnDu6tc30cjL5XQkNN00OZUZ
lmwwsmPN03tcagvHvnpVT3OGUSZ+8jxw2xXHu0pn70E81I3b8tiELTOSNz8B1Vv8
Wvahne+ycFXMQSp7SN2zMhkmsQa4MrrbKV3Q/tt4lv0Bkvaw+hc2Q6BY/9oQ3QfE
KQRTJ6ydA4Tfulj1Oilhg6AY2/bxthYD3m/YX60limj+GtfLmZRtSTSkpevvRw3L
BMZUW/o5RbfBvwkxwS2JQTtYfhDis2BnNzUEPyvG8tpJ9QR3Gz3MDYhaiT35DCg9
XvLordh4WFrMSXqUW4loPSicfRGsp2XYHVUS8rJ2/TBmInUFdbGohqLB5A==
-----END CERTIFICATE-----
Generated at Wed Apr 16 17:06:02 2025 by rpki-client